From BruCON 2015

Revision as of 12:52, 11 April 2013

Offensive Techniques by Russ Gideon

In the professional information security world, there has yet to be a course which provides the students the knowledge and skills to carry out a real world attack. Traditional penetration testing courses impart only a limited view of the exposure and vulnerabilities companies suffer from. Traditional classes are generally focused on standard scanner, framework and tool usage as well as techniques for collecting “shells” on target systems. In contrast, this course is designed to teach its students how to plan and execute a successful attack against a target, using the same techniques and mindsets that real attackers use.

Attack Research will bring a unique approach to penetration testing, using deep system knowledge and lesser-known techniques that will arm the student with true offensive capabilities. This class is designed to help students think past the need for known exploits. The class alternates between hands-on exercises and lectures, so students get the chance to use the new skills as they learn them. A virtual target network will be provided, along with all of the software needed to participate in the labs.

The first day of the class will cover the basic, core skill sets that are needed to be successful in an offensive operation. These skills are the foundation for being able to handle and evade a large array of technical defensive measures which the student may experience when attacking sophisticated environments. The Metasploit Framework will be used as a development platform for building custom tools and launching specialized attacks.

On the second day, our attention will turn to initial target exploitation and lateral movement. The students will learn how to gain persistence and deep footholds in an organization's network. We will focus heavily on the persistence and post-exploitation techniques that have been perfected by the Attack Research team. At the end of this day students will have a strong understanding of how to get into a network and then stay in.

The third day will focus on deeply penetrating a Unix environment which is designed to emulate common corporate setups. Many penetration testing classes focus on Windows-based methodologies and attacks, neglecting the wide array of Unix scenarios that may be encountered in the real world. After the third day the students will be capable of taking over not only a Windows domain but Unix domains as well. Some of the techniques covered in the Unix domain are also applicable to mobile devices.

Students will test all of the skills they have gained in the course against a virtual network specially designed for the class. The labs will be interwoven into the lecture so that students will receive a significant amount of time practically exercising these new skills as they learn. By the end of the class students will have spent roughly 50% of the time in a lab environment.

Who Should Attend

This training is for technical IT security professionals like pentesters, but also for interested hackers.

Technical Requirements and Prerequisites

Student machines must be able to run at least 2 virtual machines using either VMware Workstation (which can be obtained through a demo license) or VirtualBox. This usually means at least 4 GB of memory is needed.

Student laptops must be running OS X, Linux, or Windows, and students must be able to disable all antivirus on the machine. You must also have administrative access on your machine for sniffing traffic, adjusting firewalls, etc.

Students must have:

  • Familiarity with a scripting language such as Python, Perl or Ruby
  • A medium level of systems administration experience on a Windows or Linux machine (Windows preferable but not a must)
  • A laptop capable of running the Metasploit software

Detailed Agenda

Day 1

  • intros
  • schedule & venue
  • class setup
  • class overview / philosophy
  • Metasploit Tutorial
    • msf background / history
    • core components/meterpreter
    • Multihandler
    • auxiliary modules / scanners
    • exploits & payloads
  • recon activities

Day 2

  • Initial Penetration
    • Web / sqli
    • Social Engineering
    • File format attacks
    • Java applet
    • Physical & Hardware
  • Post Exploitation
    • Command & Control
    • Persistence
    • Stealth
    • PSP Evasion
    • Cleanup
    • Data Exfiltration Strategies

Day 3

  • Unix Domain Takeover
    • Unix Intro
    • NFS
    • Authentication Systems
    • Kerberos
    • SSH
  • Windows Domain Takeover
    • Lateral Movement
    • SMB
      • WPAD
      • SMBRELAY
  • Insecure Services
  • Privilege Escalation
  • RDP/VNC/Sethc
  • Authentication Abuse
    • Hashes and Passwords
    • Token Hijacking
  • Domain Enumeration

Trainer Biography

Russ Gideon has many years of experience in information security, fulfilling many diverse roles from being a core component of an Incident Response operation to managing an effective Red Team. Russ excels both at malware reverse engineering, which enables him to deeply understand how the attackers do what they do, and at high-end Red Teaming, where he has to penetrate sophisticated and well-protected high-value systems. Russ currently serves as the Director of Malware Research at Attack Research, LLC.

More information is available on carnal0wnage (http://carnal0wnage.attackresearch.com)

Twitter: @attackresearch

http://www.attackresearch.com

24 & 25 September (09:00 - 17:00)
